Can't install Manjaro on my HP laptop


I am having issues with using Manjaro Linux on my HP Envy x360. More precisely, it just won’t let me boot from the USB flash drive. When I turn on my laptop, then press ESC, then F9, and choose the device, an error comes up saying “Selected boot image did not Authenticate. Press <Enter> to Continue.”

Steps I’ve tried:

  • Updating my BIOS (downloading an .exe from the official HP driver webpage)
  • Turning off Secure Boot in BIOS
  • Trying to turn on legacy mode (wasnt able to do that; my BIOS didnt have this option, even after updating it)

Other info:

  • I am using WI-FI,
  • The desktop environment of Manjaro is GNOME,
  • I am using a Samsung USB flash drive with 32Gb storage,
  • I tried to flash Manjaro Linux with both balenaEtcher and Rufus,
  • I was able to boot Ubuntu Linux.

I read somewhere that BIOS doesn’t let me to boot images that don’t have a Microsoft signature, but how did Ubuntu work if it’s a Linux distro?

Welcome to the forum! :slight_smile:

This is only true if Secure Boot is enabled. However, if the laptops’s UEFI ─ note: it is not a BIOS ─ has authentication keys from Microsoft stored in its non-volatile memory, then you will need to delete those authentication keys before you can disable Secure Boot.

Ubuntu has chosen to support Secure Boot by inserting a shim ─ effectively a Microsoft-certified authentication token, for which Canonical had to pay a one-time fee to Microsoft ─ between the UEFI firmware and the GRUB boot loader. Manjaro on the other hand does not support Secure Boot.

By the way, it is not necessary to enable legacy BIOS emulation (alias CSM, or “compatibility support module”) in the UEFI setup utility in order to install Manjaro. In fact, we recommend installing in native UEFI mode, and especially so if you’re going to be dual-booting with Microsoft Windows 10, which comes installed in UEFI mode by default.


Can you please explain more about this? Because I have no idea on how to do that.
Also, I forgot to mention that whenever I turn Secure Boot off and save settings, then go to BIOS Setup Utility (at least it’s called like this), Secure Boot is enabled.
My laptop uses Ryzen 5 4500U with Radeon Graphics

Neither have I, because I tend to avoid Microsoft-certified hardware. :stuck_out_tongue:

You’ll have to go through the settings in your UEFI firmware setup utility in order to find the Microsoft authentication keys and then delete them. You can find information about that on the web ─ possibly even here at the forum, albeit that it may have been discussed at the old and now archived forum, which you can find here. :arrow_down:

The old forum crashed and the database was corrupted, so we had to start all over again in August of 2020, but the old forum remains available as a read-only archive.

Yes, and that is because of those authentication keys. As long as they are stored in your computer’s firmware settings, you won’t be able to turn off Secure Boot.

1 Like

Interesting topic.
If you have deleted those keys, are they gone forever?

I mean, if you have to return your laptop for some reason, will it accept a fresh Win install?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.